Researchers Believe Wireless Insulin Pumps Need Higher Security Standards

Posted Aug 6, 2011

At the Black Hat Technical Security Conference, Jay Radcliffe discussed how an attacker could hack an insulin pump that is connected to a wireless glucose monitor and deliver fatal doses of the sugar-regulating hormone. The chances of someone actually doing this are very slim, but pointing out the vulnerabilities and the possibility of exploiting them raised concern in the media.

Apparently hackers with a powerful enough antenna could launch an attack from “up to half a mile away.” Radcliffe has not figured out how to attack a wireless glucose monitor yet, but he said it could become a reality some day.

Scott Hanselman, a Principal Program Manager at Microsoft, did not take kindly to all of the articles that scare people into thinking hackers could take over wireless insulin pumps. Below is what Hanselman wrote in response to some of the Engadget and VentureBeat articles covering the same content:

First, a little on my background. I’ve been Type 1 diabetic for 17 years. I’ve worn an insulin pump 24 hours a day, 7 days a week for over 11 years and a continuous glucose meter non-stop for over 5 years. I also wrote one of the first portable glucose management systems for the original PalmPilot over 10 years ago and successfully sold it to a health management company. (link) I also interfaced it (albeit with wires) to a number of portable glucose meters, also a first.

Engadget’s is a mostly reasonable headline and accurate explanation as they say he “figures an attacker could…” However, Computerworld really goes all out with the scare tactics with “Black Hat: Lethal Hack and wireless attack on insulin pumps to kill people.”

Like something straight out of science fiction, an attacker with a powerful antenna could be up to a half mile away from a victim yet launch a wireless hack to remotely control an insulin pump and potentially kill the victim.

The only thing that saves this initial paragraph is “potentially.” The link that is getting the most Tweets is VentureBeat’s “Excuse me while I turn off your insulin pump,” a blog post that is rife with inaccuracies (not to mention a lot of misspellings). Here’s just a few.

1. “Insulin pumps use wireless sensors that detect blood sugar levels and then communicate the data to a screen on the insulin pump.”
– Way too broad. Pumps don’t. Some CGMs (continuous glucose meters) communicate with special integrated pumps. The most popular integrated system is a Medtronic Paradigm. Most other CGM systems have a separate “screen” device that’s separate from the pump.
2. “The sensor has to run on a 1.5-volt watch battery for two years.”
– Nope. The Medtronic sensor needs to be charged every 3 to 6 days. The pump battery is usually a AAA that lasts a few weeks.

[Scott Hanselman’s Blog]